Michael Figueroa
Michael Figueroa

Information Security Practice Lead

20 Years of Experience
MessageSend a Message
Cybersecurity Consulting Services

Cybersecurity Consulting Services — Enhance Your Business’s Security

Counter legacy and emerging cyberthreats by leveraging Toptal’s comprehensive cybersecurity consulting services. Partner with our vCISO executive security advisors, security risk specialists, and cyberdefense experts in vulnerability management, penetration testing, and secure code reviews.
Get a Free Consultation Now
Clients Served
25,000+
Total Vetted Professionals
20,000+
Toptal Total Projects Delivered
64,000+
Cybersecurity Project Hours Delivered
124,000+

TRUSTED BY LEADING BRANDS

Our Services

Toptal Cybersecurity Consulting Services

Whether you’re a security technologist or a business leader responsible for security in your organization, Toptal’s Cybersecurity Consulting services can provide you with comprehensive subject matter expertise. From enterprise security assessments and compliance-advisory consulting to product security-control integration, Toptal is the partner you are looking for.

Security Assessment

Evaluate your organizational security and receive recommendations to prevent cyberthreats.

Cybersecurity Incident Response Planning

Strengthen cybersecurity defenses with efficient incident response planning.

Product Security

Integrate our product security solutions into your development processes for more secure products and applications.

Security Compliance Readiness

Align security compliance with ISO 27001, SOC 2, and other regulatory standards.

Privacy Program Design

Build a privacy framework, align with CCPA or GDPR, and safeguard sensitive data.

Network Security

Expertly address network security gaps, segment weaknesses, and manage firewalls.

Security Audit Support and Preparation

Prepare for compliance audits with cybersecurity experts in ISO 27001, SOC 2, PCI, HITRUST, and more.

Security Risk Assessments

Partner with Toptal cybersecurity experts to conduct and manage risk assessment in specific threat landscapes.

Cyberdefense

Leverage CEH- or OSCP-certified consultants to solve cybersecurity challenges and receive vulnerability management support.

Enterprise Security Advisory

Customize enterprise cybersecurity programs with vCISO executive advisors for asset protection.

Vendor Risk Management

Enhance supply chain relationships with comprehensive standards and procedures for improved vendor security.

Security Training and Awareness

Boost data and infrastructure defense with threat intelligence and user awareness through cybersecurity training programs.

Security Operations Management

Improve your cybersecurity architecture with industry-leading tooling (e.g., MDR, SIEM) for log analysis, monitoring, and incident detection and response.

Cloud Security Consulting

Securely migrate to Google Cloud and other major platforms with the support of proven cloud experts.

Business Continuity and Disaster Recovery Planning

Ensure business continuity with trustworthy cyber-resilience strategies to protect against system outages.

Pen Testing and Vulnerability Assessments

Identify and fortify security gaps with expert penetration testing and thorough vulnerability assessments.

Looking for guidance about the perfect cybersecurity consulting solution for your needs? 

Get a Free Consultation Now
PARTNERSHIP THAT WORKS

How We Deliver Cybersecurity Consulting Services

With experience at leading companies, members of our talent network develop and deploy tailored cybersecurity solutions to meet your business needs and unique industry demands for sustainable results and long-term success.

1

Discover

2

Define

3

Develop

4

Deploy

Michael Figueroa
Michael Figueroa
Information Security Practice Lead

Michael is dedicated to helping Toptal clients and talent more effectively navigate the industrywide skills gap with a security-centric application of the world’s largest distributed network of highly skilled talent. As the former president of the Advanced Cyber Security Center and a past chief information security officer, he brings a depth of industry expertise to his leadership of Toptal’s Information Security Services. Michael’s educational background includes a Bachelor of Science degree in brain and cognitive sciences from MIT.Michael is dedicated to helping Toptal clients and talent more effectively navigate the industrywide skills gap with a security-centric application of the world’s largest distributed network of highly skilled talent. As the former president of the Advanced Cyber Security Center and a past chief information security officer, he brings a depth of industry expertise to his leadership of Toptal’s Information Security Services. Michael’s educational background includes a Bachelor of Science degree in brain and cognitive sciences from MIT.

Former President Of

ACSC
CUSTOMIZED SOLUTIONS
Cybersecurity Consulting Services That Deliver Value
Toptal delivers leading cybersecurity consulting services through its diverse talent network and flexible delivery models. We implement the right skills at each project phase, blending expertise from various roles for seamless execution.
Managed Delivery by Toptal
End-to-end project delivery per your specific requirements
Practice Lead's avatar
Practice Lead
Delivery Manager's avatar
Delivery Manager
Vulnerability Analyst's avatar
Vulnerability Analyst
Cloud Security Architect's avatar
Cloud Security Architect
Security Compliance Advisor's avatar
Security Compliance Advisor
Enterprise Security Architect's avatar
Enterprise Security Architect
Security Risk Strategist's avatar
Security Risk Strategist
Executive Security Advisor's avatar
Executive Security Advisor
Michael Figueroa
Michael Figueroa
Toptal Logo

Practice Lead

Michael is dedicated to helping Toptal clients and talent more effectively navigate the industry-wide skills gap with a security-centric application of the world’s largest distributed network of highly skilled talent. As the former President of the Advanced Cyber Security Center and a past chief information security officer (CISO), he brings a depth of industry expertise to his leadership of Toptal's Information Security Services. Michael's educational background includes a Bachelor of Science in brain and cognitive sciences from MIT.

Former President Of

Technology Experience

20+ Years

Rachael Karaffa
Rachael Karaffa
Toptal Logo

Delivery Manager

Rachael serves as a Delivery Manager at Toptal with a focus on leading diverse global teams in developing innovative solutions for our clients. She works across multiple disciplines, including technology, marketing, and management consulting. Rachael specializes in managing people and client relationships, process optimization, and driving teams toward optimal business outcomes.

Previously Managed Client

Experience

9+ Years

Gaya Dissanayake
Gaya Dissanayake
Verified Expert in Engineering
Experience Icon

11+ Years

of Experience

Vulnerability Analyst

Gaya is a cybersecurity expert who loves finding cracks in company security and creating powerful solutions to fill them. With numerous global CTF (capture the flag) competitions under her belt, Gaya excels in vulnerability management, cloud security, incident response, security awareness, and security risk management (PCI/DSS, ISO 27001, CMMC). Gaya is well versed with Qualys, Rapid7, Nessus, Splunk, Carbon Black, SentinelOne, Microsoft Sentinel, Azure cloud tools, and those in Kali Linux.

Previously at

Subbu Somasundaram
Subbu Somasundaram
Verified Expert in Engineering
Experience Icon

22+ Years

of Experience

Cloud Security Architect

Subbu is a subject matter expert in information security and has more than 22 years of information technology experience. He has assisted large enterprise customers in the banking, telecommunication, and e-commerce sectors with security transformation, DevSecOps, security architecture, and implementations. Subbu’s security expertise includes AWS, GCP, IAM, enterprise security, data protection, and application security and compliance.

Previously at

Anurag Yadav
Anurag Yadav
Verified Expert in Engineering
Experience Icon

10+ Years

of Experience

Security Compliance Advisor

Anurag is an experienced security professional with a strong background in incident handling and threat hunting based on different attack frameworks. He has expertise in Active Directory and cloud security (Azure), utilizing offensive security tools such as Bloodhound to identify and mitigate threats. He's played a key role in the development and deployment of SOC infrastructure. He's delivered training to different tiers of the SOC team on security best practices, compliance, and the cyber threat landscape.

Previously at

Tarun Sharma
Tarun Sharma
Verified Expert in Engineering
Experience Icon

14+ Years

of Experience

Enterprise Security Architect

Tarun is a software architect who has worked with Fortune 500 clients and enterprise-level companies like Nestlé and Deloitte. He is also a result-oriented Citect SCADA Certified Engineer experienced in leading industrial control systems, SCADA, energy management systems (EMS), and critical infrastructure solution strategy development. As an IRCA Certified ISO 27001 Lead Auditor, Tarun has expertly consulted and audited based on the said ISO framework.

Previously at

Mark Castagneri
Mark Castagneri
Verified Expert in Engineering
Experience Icon

15+ Years

of Experience

Security Risk Strategist

Mark is a risk assessor, program manager, security operations engineer, and architect with over 10 years of experience implementing risk reduction initiatives. He has a deep understanding of various security frameworks and tools. Mark has successfully developed budgets, risk-informed roadmaps, and project plans and has led multidisciplinary teams to effectively reduce risks and demonstrate compliance with standards, as confirmed by third-party auditors.

Previously at

Joe Bagdon
Joe Bagdon
Verified Expert in Engineering
Experience Icon

30+ Years

of Experience

Executive Security Advisor

Joe is a seasoned security and infrastructure engineering professional with experience performing application and network assessments, writing and enforcing policies, providing defense for an enterprise environment, and administrating infrastructures. He has in-depth knowledge of information security, information technology, and information warfare. Joe is a competent Python programmer, adding automation and integration that reduces workloads.

Previously at

INSIGHTS FROM THOUGHT LEADERS

The Executive Guidance Podcast

Explore insights from industry leaders in information security, artificial intelligence, cloud services, marketing, management consulting, innovation, and more.

About the host

Michael Figueroa

Michael Figueroa

Information Security Practice Lead

Michael leads a global consulting practice that disrupts traditional hiring by matching top experts from the Toptal network with leading companies. Before joining Toptal, Michael served as president of the Advanced Cyber Security Center, and held other roles in the field, including consultant, principal investigator, advisor to government officials, and chief information security officer.

AI and Cybersecurity: Challenges and Opportunities

Join Toptal’s Information Security Practice Lead, Michael Figueroa, and Intel’s Federal CTO and Senior Principal Engineer, Steve Orrin, in an engaging chat about adapting to AI in a new era of cybersecurity.

Listen on your favorite platform

About the host

Michael Figueroa

Michael Figueroa

Information Security Practice Lead

Michael leads a global consulting practice that disrupts traditional hiring by matching top experts from the Toptal network with leading companies. Before joining Toptal, Michael served as president of the Advanced Cyber Security Center, and held other roles in the field, including consultant, principal investigator, advisor to government officials, and chief information security officer.

About the guest

Steve Orrin

Steve Orrin

Federal CTO and Senior Principal Engineer
Intel

CUSTOMIZED SOLUTIONS

Cybersecurity Expertise Tailored to Your Industry

Leverage Toptal's cybersecurity expertise to safeguard your business. Our cybersecurity teams provide specific, actionable, and industry-leading guidance across multiple industries from technology to healthcare and industrials.

Connect With Our Technology Team

Mario Merlano

Mario Merlano

Technology Industry Leader

Mario is an expert in account leadership, executive leadership, delivery, and project management/business analysis.

Previously Managed Client

Product Security Architecture

Ensure products are built with robust security features to safeguard your business and protect against cyberthreats throughout their usage.

Security Operations Management

Oversee security infrastructure, manage threat detection and response, and ensure continuous monitoring and improvement of security measures.

TRUSTED BY LEADING INDUSTRY PARTNERS:

Microsoft
Google
Amazon Web Services

Connect With Our Financial Services Team

Trace Johannesen

Trace Johannesen

Financial Services Industry Leader

With 25+ years in professional services, Trace excels in understanding client goals, aligning talent resources, and bringing a solution-oriented mindset to create excellent outcomes.

Years of experience

Financial Security Compliance and Audit Readiness

Comprehensive compliance solutions, including regular audits, risk assessments, and robust cybersecurity frameworks to protect financial data and transactions.

Financial Platform Threat Assessment

Identify potential cybersecurity vulnerabilities, assess the risk of financial data breaches, implement measures to mitigate these risks, and stay compliant.

A FEW OF OUR FINANCIAL SERVICES CLIENTS:

Blackstone
Taxfix
|SOS
HUB International

Connect With Our Communications, Media & Entertainment Team

Bryan Henderson

Bryan Henderson

Media & Entertainment Industry Leader

Bryan brings deep Agile delivery experience in product development, complex systems integration (custom and SaaS), project/program management, data analytics, and quality engineering.

Previously Managed Client

Media Industry Cybersecurity Solutions

Protect content throughout the creation to distribution process, safeguard intellectual property, and ensure the security of digital media platforms.

Platform Vulnerability Assessment

Identify security weaknesses in systems used for content creation, distribution, and management, and safeguard intellectual property and user data.

A FEW OF OUR COMMUNICATIONS, MEDIA & ENTERTAINMENT CLIENTS:

Duolingo
Los Angeles Times
Zendesk
Coupang

Connect With Our Consumer Products Team

Trace Johannesen

Trace Johannesen

Consumer Products Industry Leader

With 25+ years in professional services, Trace excels in understanding client goals, aligning talent resources, and bringing a solution-oriented mindset to create excellent outcomes.

Years of experience

Cybersecurity for Consumer product and Retail industry

Secure customer data, safeguard transactional information, and ensure the overall security of retail systems and networks.

E-commerce Platform Security

Fortify digital storefronts, protect customer data, ensure secure online transactions, and build trust among consumers.

A FEW OF OUR CONSUMER PRODUCTS CLIENTS:

DoorDash
Kohler
The Kraft Heinz Company
AB InBev

Connect With Our Healthcare Team

Raj Vishnu

Raj Vishnu

Healthcare Industry Leader

Raj is an expert in US healthcare, strategic sales, product development, digital delivery, Agile transformation, and technology leadership.

Previously Managed Client

Healthcare Security Compliance and Audit Readiness

Prepare for audits, implement best practices in security, and ensure all systems and processes are up-to-date with the latest healthcare compliance requirements.

Data Privacy and PHI/PII Protection:

Implement stringent security measures to safeguard patient health information (PHI) and personally identifiable information (PII).

A FEW OF OUR HEALTHCARE CLIENTS:

Calm
Centene
Henry Schein

Connect With Our Industrials Team

Jordan Fulk

Jordan Fulk

Industrials Leader

Jordan has a history of working in the talent industry across sales, market research, management, interviewing, and business relationship management.

Previously Managed Client

Operational Technology Protection

Implement secure systems to manage physical processes, ensure the safety of operations, and protect against cyberthreats.

Critical Infrastructure Regulatory Compliance Support

Maintain compliance with regulations governing critical infrastructure and ensure systems controlling physical processes meet security standards.

A FEW OF OUR INDUSTRIALS CLIENTS:

Precision Drilling
Bridgestone #262D3D
Ricoh

Connect with Our Automotive Team

Jordan Fulk

Jordan Fulk

Automotive Industry Leader

Jordan has a history of working in the talent industry across sales, market research, management, interviewing, and business relationship management.

Previously Managed Client

Automotive Platform Vulnerability Management

Monitor, assess, and respond to potential security threats in automotive technologies, ensuring the safety and integrity of vehicular systems.

Embedded Security Architecture

Design and implement security architectures for in-vehicle systems to protect against cyberattacks, ensuring the safety of automotive technologies.

A FEW OF OUR AUTOMOTIVE CLIENTS:

Toyota
Spin
Bridgestone

UNRIVALED EXPERTISE

Our Talent Has Worked With Top Companies

Having previously worked with these leading global companies, our talent brings valuable insights and expertise to deliver world-class outcomes.

Google
OpenAI
Meta
Microsoft
Apple
GoogleOpenAIMetaMicrosoftAppleIBMTeslaOracleAccentureAmazon Web ServicesAirbnbintelDuolingoBooking.comSAPHBOAdobeCiscoNvidiaSAS

OUR THOUGHT LEADERSHIP

Explore Insights From the Cybersecurity Field

Read the latest articles and resources to keep you current on emerging trends in digital innovation, customer experience, product design, UX best practices, and more.

3 Cybersecurity Archetypes and How They Affect Risk Priorities and Staffing

Is your organization an Operator, a Builder, or a Governor? Toptal's Information Security Practice Lead, Michael Figueroa, reveals how this knowledge helps CISOs fine-tune their security teams and tactics.

Read More
Michael Figueroa

Michael Figueroa

Information Security Practice Lead
27 Years of Experience
Michael is the Information Security Practice Lead at Toptal. He holds a bachelor’s degree in brain and cognitive sciences from the Massachusetts Institute of Technology and a master’s degree in high-tech crime investigations from George Washington University. Before joining Toptal, Michael served as executive director of the Advanced Cyber Security Center, and held other roles in the field, including consultant, principal investigator, advisor to government officials, and chief information security officer.

Previously at

Advanced Cyber Security CenterBooz Allen HamiltonBAE Systems

Discover how you can enhance your organizational security with cybersecurity consulting services

Get a Free Consultation Now